JP2016520223A - Method and system for exchanging encrypted messages between computing devices in a communication network - Google Patents

Abstract

A method for exchanging messages (202) between computing devices in a communication network is disclosed, wherein the messages have encrypted data and scheme identifiers. The method executes encrypted program code for encrypting data in response to the first user action being performed on the first computing device (204) and Encoding in a message and transmitting the message by a first computing device to a second computing device (206), detecting the execution of a second user action on the second computing device with respect to the message Activating the decryption program code by the second computing device to provide a message to the decryption program code associated with the scheme identifier in response to detecting the execution of the second user action, encrypted By a second computing device to retrieve data Decoding the message using the decryption program code and decrypting the data encrypted by the second computing device via the decryption program code to obtain the decrypted data. Related systems are also disclosed.

Description

  The present invention relates to a method and system for exchanging messages having encrypted data and scheme identifiers between computing devices in a communication network.

  Traditionally, some mobile operating systems (eg, iOS ™ from Apple Inc ™) do not allow third-party developer applications to intercept emails, SMS messages, etc. upon receipt. As a result, mobile applications developed by third party developers for use within their mobile operating system cannot be programmed to directly intercept their received email or SMS messages. Thus, for example, a third party (developed) decryption application cannot be configured to automatically intercept and decrypt data that has been encrypted and received via email or SMS messages. Instead, the received encrypted data is displayed and understood as the body of static text in the mobile operating system user interface (UI) (see screenshot 100 in Figure 1a). This does not readily allow further processing of the encrypted data by a user of any of the aforementioned mobile operating systems.

  In the aforementioned mobile operating system, the process of decrypting encrypted data received via email or SMS messages (for example) typically involves the user selecting encrypted data, Perform a (digital) copy to the mobile operating system's working memory buffer (i.e., see screen shot 150 in Figure 1b), and then supply the copied encrypted data (as a data stream) After manually performing (digital) pasting into a third-party decryption application, the third party can decrypt the encrypted data and then display the decrypted result to the user To launch another decryption application (e.g. the associated button) Need to be done manually). In practice, the process is complex, error prone and not user friendly.

  One object of the present invention is to address at least one of the problems of the prior art and / or provide a useful option in the art.

  According to a first aspect of the present invention, there is provided a method performed by a computing device to process a message from another computing device in a communication network, wherein the message is encrypted data and schemes. Contains an identifier. The method detects execution of a user action on the message, activates program code to provide a message to a decryption program code associated with the scheme identifier in response to detecting execution of the user action, encryption Decoding the message using program code to obtain the processed data and decrypting the encrypted data via the program code to obtain the decrypted data.

  The method advantageously eliminates the need for the user to manually copy and paste messages from third party digital messaging applications into decryption program code for processing to obtain encrypted data. A message (using encrypted data) received via a third-party digital messaging application by automatically invoking decryption program code upon execution of a user action on the message based on the scheme identifier Allows the process to be performed conveniently. Thus, the proposed method reduces the number of user interactions required to process such messages and beneficially streamlines the overall user experience for performing these tasks.

  Preferably, the method can further include displaying the decrypted data to a user of the computing device. Specifically, the scheme identifier can include a message header. On the other hand, the message may further include at least a domain identifier, a session identifier, and a data field, where the data field includes encrypted data.

  Preferably, decoding the message to obtain the encrypted data may include performing the decoding according to a predetermined decoding scheme including a custom URL scheme. The decoded data can include text, images, animation, video, or audio. More preferably, the method can further include receiving the message via at least SMS, MMS, email, instant messaging, or electronic document delivery service. Also, user actions can include only a single action. User actions can include clicking a button, providing an audible command, or selecting a message. More preferably, the method can further include displaying an indication of the type of user action to be performed.

  According to a second aspect of the invention, there is provided a method performed by a computing device to provide a message having encrypted data to another computing device in a communication network. In response to a user action being performed, the method executes encrypted program code to encrypt the data, encodes the encrypted data into a message, and sends the message to another computer. Transmission to a storage device. The message includes a scheme identifier to allow another computing device to launch a decryption program code associated with the scheme identifier for processing the message.

  Preferably, the scheme identifier can include a message header. The method can further include receiving or generating data to be encrypted. The message can further include at least a domain identifier, a session identifier, and a data field, and the encrypted data is provided in the data field.

  More preferably, encoding the encrypted data into the message can include performing the encoding according to a predetermined encoding scheme including a custom URL scheme. In addition, the method can further include displaying an indication of the type of user action to be performed. The data can include text, images, animation, video, or audio. Preferably, transmitting the message may include transmitting via at least SMS, MMS, email, instant messaging, or electronic document delivery service. Specifically, a user action can include only a single action, and further a user action can include clicking a button, providing an audible command, or selecting received data. The method may preferably further include displaying a user interface to allow selection or provision of data to be encrypted.

  According to a third aspect of the invention, there is provided a method performed by a mobile computing device to process a message from another mobile computing device in a communication network, wherein the message is encrypted data. And a scheme identifier. The method detects the execution of only a single action on the message, the program code to provide a message to the decryption program code associated with the scheme identifier in response to detecting the execution of the single action. Decode the message using the program code to obtain the encrypted data, and the encrypted data via the program code to obtain the decrypted data Decoding.

  According to a fourth aspect of the present invention, there is provided a method executed by a mobile computing device to provide a message having encrypted data to another mobile computing device in a communication network. The method executes the encrypted program code to encrypt the data, encodes the encrypted data into the message, and encrypts the message in response to only a single action being performed. Transmitting to another mobile computing device. The message includes a scheme identifier for allowing another mobile computing device to launch a decryption program code associated with the scheme identifier for processing of the message.

  According to a fifth aspect of the present invention, a decryption device is provided for processing a message from a computing device in a communication network, the message including encrypted data and a scheme identifier. The decoding device has a detector module for detecting the execution of a user action on the message; receives the detection signal from the detector module; A processor module for invoking program code to provide; a decoder module for decoding a message using the program code to obtain encrypted data; and obtaining the decrypted data And a decryption module for decrypting the encrypted data through the program code.

  Preferably, the device may further comprise a display module for displaying the decrypted data to a user of the decryption device or for displaying an indication of the type of user action to be performed. . In addition, the scheme identifier may include a message header. The message can further include at least a domain identifier, a session identifier, and a data field, the data field including encrypted data.

  More preferably, the decoder module may be arranged to decode the message according to a predetermined decoding scheme including a custom URL scheme. The decoded data can include text, images, animation, video, or audio. The device may further comprise a receiver module for receiving messages via at least SMS, MMS, email, instant messaging, or electronic document delivery services. Further, user actions can include only a single action. User actions can also include clicking a button, providing an audible command, or selecting a message.

  According to a sixth aspect of the present invention, there is provided an encryption device configured to execute encrypted program code to provide a message having encrypted data to a computing device in a communication network. Is done. The encryption device is configured to respond to user actions to execute encrypted program code for encrypting data, encoding the encrypted data into a message, and transmitting the message to the computing device. Provided with a processor module. The message includes a scheme identifier that enables the computing device to launch a decryption program code associated with the scheme identifier to process the message.

  Preferably, the scheme identifier can include a message header. The device can further comprise a receiver module for receiving data to be encrypted. In addition, the message can further include at least a domain identifier, a session identifier, and a data field, and the encrypted data is provided in the data field.

  Preferably, the processor module may be arranged to encode the encrypted data according to a predetermined encoding scheme including a custom URL scheme. The device may further comprise a display module for displaying an indication of the type of user action to be performed. The data can include text, images, animation, video, or audio. The processor module may also be configured to transmit the message using the transmitter module via at least an SMS, MMS, email, instant messaging, or electronic document delivery service. Preferably, a user action can include only a single action, or a user action can include clicking a button, providing an audible command, or selecting received data. More preferably, the device may further comprise a user interface module for displaying a user interface for allowing selection or provision of data to be encrypted.

  According to a seventh aspect of the present invention, a method is provided for exchanging messages between computing devices in a communication network, the messages having encrypted data and scheme identifiers. The method includes executing encrypted program code for encrypting data in response to a first user action being performed on the first computing device; Encoding and transmitting a message to the second computing device by the first computing device, detecting execution of a second user action on the second computing device with respect to the message, second In response to detecting the execution of the user action, activating the decryption program code by the second computing device and obtaining the encrypted data to provide a message to the decryption program code associated with the scheme identifier By a second computing device to Decoding the message using the decryption program code, and decrypting the data encrypted by the second computing device via the decryption program code to obtain the decrypted data .

  According to an eighth aspect of the invention, a system is provided for the exchange of messages between computing devices in a communication network, the messages having encrypted data and scheme identifiers. The system responds to the first user action to execute the encrypted program code to encrypt the data, encode the encrypted data into the message, and transmit the message to the second computing device A first computing device comprising a processor module, configured to: a detector module for detecting execution of a second user action on the message; and for receiving a detection signal from the detector module And a processor module for activating the decryption program code to provide a message to the decryption program code associated with the scheme identifier in response to the detection signal, and a decryption program code for obtaining the encrypted data Use to A second computing device, comprising: a decoder module for coding; and a decryption module for decrypting the encrypted data via the decryption program code to obtain the decrypted data.

  It should be understood that features relating to one aspect of the invention are applicable to other aspects of the invention.

  These and other aspects of the invention will be apparent from and elucidated with reference to the embodiments described hereinafter.

  Embodiments of the present invention are disclosed below with reference to the accompanying drawings.

FIG. 4 is a screenshot showing encrypted data in an SMS message received by a mobile operating system, according to the prior art, where the encrypted data is shown as static text on the mobile operating system. FIG. 1b is a screen shot of a mobile operating system user performing a “copy” action to digitally copy encrypted data to the mobile operating system working memory buffer, following FIG. 1a. 1 is a schematic diagram illustrating a system for exchanging messages having encrypted data between first and second computing devices in a communication network, in accordance with an embodiment of the present invention. FIG. FIG. 3 is a flow diagram illustrating a method for providing a message to a second computing device by the first computing device of FIG. FIG. 4 is a flow diagram illustrating a process for encrypting and encoding data as used in the method of FIG. FIG. 4 is a flow diagram illustrating a process for transmitting a message as used in the method of FIG. FIG. 3 is a flow diagram illustrating a method for processing a message received by a second computing device from the first computing device of FIG. FIG. 3 is a screen shot illustrating receipt of a message by the second computing device of FIG. FIG. 6 is a flow diagram illustrating a process for decoding and decoding a message as used in the method of FIG. FIG. 4 is a flow diagram illustrating a process for transmitting a message, such as used in the method of FIG. 3, according to another embodiment.

  For exchanging a message 202 having encrypted data between computing devices (including first and second computing devices 204, 206) in a communication network according to the first embodiment, A system 200 (ie, see the schematic diagram of FIG. 2) and corresponding method are disclosed. Examples of the first and second computing devices 204, 206 include mobile computing devices (e.g., smartphones such as iPhone (TM) or tablets such as iPad (TM)), wired computers (e.g. desktop personal computers), etc. . However, in this embodiment, the first and second computing devices 204, 206 are mobile computing devices running on a predetermined suitable mobile operating system (eg, iOS ™ from Apple Inc ™). Device. For ease of reference below, the first and second computing devices 204, 206 are referred to as an encryption device 204 and a decryption device 206, respectively, unless explicitly indicated otherwise. Multiple encryption devices 204 and decryption devices 206 can be arranged in the communication network to exchange messages 202 with corresponding encrypted data with each other, but in this case for simplicity It will also be understood that this is not specifically shown in FIG.

  The encryption device 204 is configured to execute encrypted program code to provide the message 202 to the decryption device 206, and the decryption device 206 decrypts the decryption program code to process the message 202 from the encryption device 204. Configured to perform. In this embodiment, it is understood that the encryption and decryption program code is installed locally on the encryption and decryption devices 204, 206, and that the encryption and decryption program code is understood as a native mobile application. Like. Specifically, the encryption device 204 includes a processor module 2042, a receiver module 2044, a transmitter module 2046, a display module 2048, and a user interface module 20410. On the other hand, the decoding device 206 includes a processor module 2062, a receiver module 2064, a display module 2066, a detector module 2068, a decoder module 20610, and a decoding module 20612. In this case, it will be appreciated that the respective modules of the encryption device 204 and the decryption device 206 are implemented in software.

  With reference now to FIGS. 3 and 4, a method 300 performed by the encryption device 204 to provide the message 202 to the decryption device 206 will be described. Method 300 begins at step 302 where receiver module 2044 receives data to be encrypted and provides or selects data to be encrypted (from the data store of encryption device 204). And a user interface module that presents an interface to the user (not shown) of the encryption device 204 to select the recipient (ie, the decryption device 206 in this case) from the recipient list to which the user sends the message Involved in 20410. It will be understood that the data includes text, images, animation, video, or audio. In addition, an indication of the type of user action that will then be performed on the encryption device 204 to cause the data to be encrypted, encoded, and transmitted is also displayed to the user on the encryption device 204 by the display module 2048. The Examples of user actions include clicking a button (eg, using a mouse or a user's finger), providing an audible command, selecting received data (eg, by highlighting), etc. It is also emphasized that in this embodiment, the user action includes performing only a single action, such as a single tapping of a button.

  When the user selects or provides data to be encrypted, the user then performs the indicated user action, resulting in step 304 in which the processor module 2042 executes the encrypted program code to the user action. Will respond. More specifically, in step 306, in response to the user action being performed, the processor module 2042 then encrypts the data by using the encrypted program code and carries the encrypted data. The encrypted data is encoded in the message 202. It will be appreciated that message 202 is a particular encoding format. Relatedly, FIG. 4a shows a flow diagram of a process 400 performed by the processor module 2042 to encrypt and encode data. In particular, the process 400 of FIG. 4a involves first encrypting data to obtain encrypted data, which in turn obtains a message 202 comprising a particular encoding format. Encoded according to a predetermined encoding method. In this case, the predetermined encoding scheme configured to be a custom URL scheme specifically includes a corresponding custom uniform resource locator (URL) format including at least a scheme identifier, a domain identifier, a session identifier, and a data field. Encrypt the encrypted data in the message 202 having It will be appreciated that the domain identifier can be used to encode unencrypted information, eg, transmitted by the encryption device 204 to the decryption device 206. On the other hand, it will also be appreciated that the scheme identifier is defined to allow processing of the message 202 by the decoding device 206 upon receipt thereof.

In particular, when the decryption program code is transmitted by the encryption device 204, in order to facilitate the handling and processing of any message 202 determined to have the same data definition of the scheme identifier, It is configured to be registered to use “Inter-application communication via custom URL scheme” of the mobile operating system. That is, the decryption program code is associated with the scheme identifier as defined by the encryption device 204 in the message 202. A custom URL is a URL that is specially formatted to include a different customized identifier field. This “inter-application communication via the custom URL method” will be described in detail in a subsequent paragraph. In addition, as will be appreciated, the encrypted data is provided in the data field. Custom URL format has the following syntax
[A]: // [B]? Id = [C] & [D] (1)
Where “[A]” represents the header identifier, “[B]” represents the domain identifier, “[C]” represents the session identifier, and “[D]” represents the data Represents a field. For illustration, when defined as a custom URL according to syntax (1), "ontalk" is defined in "[A]" and "com.treeboxsolutions.ontalk.sso" is defined in "[B]" Then, the random ID of “AAAA” is defined in “[C]”, and the encrypted data of “XXXX” to be transmitted to the decryption device 206 via SMS is “sms = XXXX” as “ An example of message 202 defined within [D] is
ontalk: //com.treeboxsolutions.ontalk.sso? id = AAAA & sms = XXXX (2)
It becomes. Thus, the encryption device 204 transmits, for example, a message 202 with a predetermined identifier “ontalk”, which will also be recognized by the decryption device 206 for processing purposes (as described above). Of course, if the encrypted data “XXXX” is instead transmitted using other communication means such as MMS or e-mail, the syntax [1] “[D]” is correspondingly “mms = It will also be understood that it will be defined as "XXXX" or "email = XXXX" (etc.).

  Next, at step 308, under the command of the processor module 2042, the transmitter module 2046, as indicated by the arrow 208 (pointed from the encryption device 204 to the decryption device 206) shown in FIG. The message 202 is transmitted to the decryption device 206. Message 202 is transmitted, for example, via SMS, MMS, email, instant messaging, or electronic document delivery service. It will be appreciated that steps 306 and 308 are performed sequentially, but are performed collectively in response to a user action being performed by the user of the encryption device 204. Still referring to FIG. 4b, there is shown a flow diagram of a process 450 performed by the transmitter module 2046 to transmit the message 202, the message 202 being specifically adapted to interface with the transmitter module 2046. Transmitted using a three-party messaging software component 452a. In this case, the transmitter module 2046 is specifically integrated with the third party messaging software component 452a by interfacing with the relevant API provided by the third party messaging software component 452a.

  In particular, this process 450 of FIG. 4b includes first sending the message 202 by the encryption device 204 to the third party messaging system 454 via the third party messaging software component 452a, The system 454 forwards the message 202 to a similar third party messaging software component 452b located at the decryption device 206. In this case, the third party messaging software component 452b deployed on the decryption device 206 is provided in the mobile operating system as a separate application as shown in FIG. 4b, and is a different program code from the decryption program code. . Third party messaging system 454 is provided in a communication network and is configured to communicate data with both encryption device 204 and decryption device 206, but functions independently of encryption device 204 and decryption device 206. I understand that. It is also noted that the third party messaging system 454 is included as part of the system 200 of FIG.

Before discussing "Inter-application communication via a custom URL method", it will be understood that the custom URL method is first described. It will be understood that a URL, also called a web address, is a specific string that constitutes a reference to a resource. In a web browser, the web page URL is typically displayed in an address bar located in the upper section of the web page. An example of a typical URL would be “http://en.example.org/wiki/Main_Page”. Every URL is typically a method name (or commonly called a protocol), followed by a colon, two slashes, and then a server name (e.g. `` exp. '', `` Ftp. '', `` Www. ”,“ Smtp. ”, Etc.) followed by a dot (“. ”), Followed by the domain name (or alternatively IP address), port number, the resource to be fetched or the program to be executed In the case of a program such as a path, and then a common gateway interface (CGI) script, the format is defined as a query string and an optional fragment identifier. In short, the URL syntax is generally defined as:
scheme: // domain: port / path? query_string # fragment_id (3)

  A custom URL scheme is then a mechanism that allows third party mobile applications installed on the same mobile device via it to communicate with each other via corresponding specially formatted URLs. A mobile application can use a custom URL scheme to sell services to other mobile applications as desired. Specifically, a custom mobile application can receive specially formatted URLs by registering the corresponding custom URL scheme with the mobile operating system, and the mobile operating system can then Connect the mobile application to the custom URL method. It will be appreciated that if the mobile operating system is, for example, iOS version 6.0 or lower, the mobile operating system will recognize a specially formatted URL simply based on the scheme identifier. If the mobile operating system is, for example, an Android ™ OS, in addition, the mobile operating system may associate a specially formatted URL with a specific mobile application based on both the scheme identifier and the domain identifier. A domain identifier can be included as is possible.

  Regarding “inter-application communication via a custom URL scheme”, some mobile operating systems (eg, iOS ™ from Apple Inc ™) specifically include support for a particular such scheme. Where a native mobile application (installed on a mobile computing device) configured to register with the mobile operating system to associate with the scheme is advantageously associated using the scheme. Messages can be exchanged between other different mobile applications installed on the same device running a mobile operating system. The messages to be exchanged are specified in custom URLs passed between different mobile applications as needed. Registered mobile applications can initiate specific requests using a custom URL scheme. For example, if it is desirable for a registered mobile application to display an address in a map application, the registered mobile application creates a custom URL that specifies the address that will be displayed, and then the custom URL that is created Can be used to call the start of the map application (by the mobile operating system). When started, the created custom URL is automatically passed from the registered mobile application to the map application, which then reads and displays the address specified accordingly. Different custom-developed mobile applications create corresponding specially formatted custom URLs (based on the needs of the associated area of the application, if necessary) to facilitate similar types of communication It will be appreciated that different custom URL schemes can be implemented.

  Next, with reference to FIGS. 5 and 6, a method 500 performed by the decryption device 206 to process the message 202 from the encryption device 204 will be described. In particular, FIG. 6a is a screenshot 600 showing receipt of message 202 by decryption device 206 via third party messaging software component 452b. The message 202 is received via the third party messaging software component 452b in the decryption device 206, for example, as a SMS, MMS, email, or via instant messaging, electronic document delivery service, etc. It will be understood that it is received by 2064. The third party messaging software component 452b at the decryption device 206 then has an indication of the type of user action that will be performed by the user (not shown) of the decryption device 206 to process the message 202, Message 202 is displayed. The definition of the user action in this case is the same as previously described in method 300 of FIG. 3, except that it is read as received in the context of message 202 (not the data that is to be encrypted). Same and not repeated for brevity.

  Message 202 is highlighted and underlined as blue text by third party messaging software component 452b, for example when received via SMS, and is digitally displayed by the user of decryption device 206 via execution of the indicated user action. Can be selected by processing. It will be appreciated that the underlining of message 202 as blue text is provided as a non-limiting example, and other suitable forms of highlighting or indication are possible as will be appreciated by those skilled in the art. For example, the highlighting can be displayed in the form of an icon in the message 202. The user of the decryption device 206 can then select the message 202 by performing the indicated user action (eg, tapping blue text). In step 502 of the method 500 of FIG. 5, the detector module 2068 of the decoding device 206 detects the execution of a user action related to the message 202. As mentioned above, since message 202 is actually a specially formatted URL generated based on a custom URL scheme, the execution of the indicated user action results in decryption device 206 (mobile operating system) At step 504 of method 500, the decryption program code can be automatically activated (eg, initiated), and activation is performed based on the scheme identifier determined from message 202. As described above, the decryption program code is associated with the scheme identifier. Message 202 is then provided verbatim to the decryption program code via a custom URL scheme by third party messaging software component 452b for further processing in step 506 of this same method as described. The

  Subsequently, at step 508, the decoder module 20610 decodes the message 202 using the decryption program code to obtain encrypted data, after which the decryption module 20612 obtains the decrypted data. Again, the decrypted program code is used to decrypt the encrypted data. Relatedly, FIG. 6b shows a flow diagram of a process 650 performed by the decoder module 20610 and the decoding module 20612 of the decoding device 206 to decode and decode the message 202, respectively. In particular, process 650 of FIG. 6b includes first decoding message 202 according to a predetermined decoding scheme to obtain encrypted data, where the encrypted data is then decrypted data. Is decrypted to obtain It will be appreciated that the predetermined decoding scheme is simply performed in the reverse order of the predetermined encoding scheme (as used in the process 400 of FIG. 4a). It will also be appreciated that steps 506 and 508 are performed in sequence, but are performed collectively in response to a user action of the user of decryption device 206. In addition, steps 504 to 508 are also performed in response to detecting the execution of the user action by detector module 2068. Thereafter, in step 510, the display module 2066 displays the decrypted data to the user of the decryption device 206.

  In the following, another embodiment of the present invention will be described. For the sake of brevity, descriptions of the same elements, functions, and operations that are common among the embodiments will not be repeated, but instead will refer to similar portions of the related embodiments.

  According to the second embodiment, the respective modules of the encryption device 204 and the decryption device 206 are hardware based rather than software based. In fact, in this case, the processor module 2042, the receiver module 2044, the transmitter module 2046, the display module 2048, and the user interface module 20410 of the encryption device 204 have a faster response time and a more efficient message 202. Implemented in hardware for processing. Similarly, the processor module 2062, the receiver module 2064, the display module 2066, the detector module 2068, the decoder module 20610, and the decoding module 20612 of the decoding device 206 may also achieve similar aforementioned advantages with respect to processing of the message 202. Implemented in hardware.

  According to the third embodiment, referring to FIG. 7, which shows a flow diagram of another process 700 performed by the transmitter module 2046 to transmit the message 202, the message 202 is that shown in FIG. It is transmitted using another third party messaging software component 702 different from 452a. In this case, the third party messaging software component 702 residing on the encryption device 204 is pre-provided and installed within the mobile operating system, and the third party messaging software component by the transmitter module 2046 (of the encryption device 204). Communication with 702 is performed using “inter-application communication via a custom URL method”. Referring also to the method 300 of FIG. 3, once the processor module 2042 encrypts the data and encodes the encrypted data into the message 202, the message 202 is then sent by the transmitter module 2046 (under the command of the processor module 2042). ) To the third party messaging software component 702 of FIG. 7 via a corresponding custom URL scheme. In this case, the entire message 202 is inserted under “[D]” according to the custom URL syntax (1) defined according to the corresponding custom URL method. However, in other anticipated variants, the entire message 202 need not be inserted under “[D]”; instead, any one written after the delimiter “?” As in syntax (1) It will also be appreciated that the information can also be customized and therefore depends on the defined custom URL scheme. Upon receipt, the third party messaging software component 702 extracts the message 202 as received from the associated custom URL and then the message 202 (as described above in FIG. 4) with the third party messaging system 454. And the third party messaging system 454 forwards the message 202 to a third party messaging software component 452b configured in the decryption device 206 for processing. The rest of the process for decoding message 202 thereafter is the same as that described above in the first embodiment and will not be repeated for brevity.

  In summary, the proposed system 200 (and corresponding method) is more specific for messages having encrypted data between the first and second computing devices 204, 206 in the communication network. In other words, it enables exchanges through the use of “inter-application communication via a custom URL method”. The encryption device 204 provides a user interface for entry or selection of data to be encrypted, and the user of the encryption device 204 into the message 202 carrying the encrypted data and scheme identifier. Displays an indication of the type of user action (eg button tapping) that will be performed for secure processing of the data. Thereafter, in response to the indicated user action being performed, the data is encrypted and encoded in message 202 using a custom URL format and sent to decryption device 206 via third party digital messaging system 454. Sent. The decryption program code on decryption device 206 is registered with the mobile operating system installed on it to handle the processing of message 202 via a custom URL scheme. That is, the decryption program code is associated with the method identifier. The third party messaging software component 452b at the decryption device 206 receives and displays the message 202, and the user action that the user of the decryption device 206 will perform to decrypt the message 202 (e.g., the message 202 It also displays an indication of selecting the highlighted display. In response to the indicated user action being performed, the decryption program code is automatically launched by the mobile operating system (installed on decryption device 206), after which the message obtains the decrypted data Forwarded to the decryption program code by the third party messaging software component 452b for processing. Subsequently, the decrypted data is displayed to the user of the decryption device 206.

  Thus, by utilizing a custom URL scheme with inter-application communication support provided by the associated mobile operating system, the method 500 of FIG. 5 is advantageously received via a third party digital messaging application 452b. The processing of the message 202 (with encrypted data) is based on the scheme identifier, possibly for traditional processing of the message to a third party digital messaging application for processing to obtain the encrypted data. It enables convenient execution by automatically activating the decryption program code upon execution of a user action on message 202 without having to manually copy and paste from 452b to the decryption program code. Thus, the proposed method 500 reduces the number of user interactions required to process such messages, and thus advantageously streamlines the overall user experience for performing these tasks. Additional metadata / parameters for encrypted messages can be customized, eg, algorithm type, key length, etc., advantageously allowing automatic communication of these additional metadata / parameters to decryption program code It will be appreciated that encoding within a URL is possible. As a result, there is no need for the user to manually specify those additional metadata / parameters via the user interface via a copy and paste method as conventionally performed.

  However, the described embodiments should not be construed as limiting. For example, the first and second computing devices 204, 206 can be any other type of device other than a mobile computing device, and the first and second computing devices 204, 206 are It will be appreciated that a running operating system also includes support for “inter-application communication via a custom URL scheme” (as described above), or an equivalent scheme with similar functionality as an alternative. In addition, in certain embodiments, the respective modules of encryption device 204 and decryption device 206 (if implemented in software) can be programmatically integrated and similar computers that can be expected to process message 202. Can be provided as a single complete software application that can be installed on and executed by a storage device. Of course, in such a case, the encryption device 204 can send the message 202 to the decryption device 206 or receive it from the decryption device 206 and vice versa. Optionally, a single complete software application can be implemented entirely in hardware, and a copy of such implemented hardware can be used for each of encryption device 204 and decryption device 206 to process message 202. Can be installed.

  The user action shown to be performed need not necessarily be a single action; instead, the user action is a double-tapping (using the mouse) or double-clicking, such as highlighted text, It will also be appreciated that a series of user actions is possible. Further, in certain embodiments, the encryption device 204 will optionally be encrypted by the user of the encryption device 204 instead of selecting or providing data via an interface presented by the user interface module 20410. A data generator module (not shown) may also be included that allows the desired data to be generated. In addition, other variants are for communicating insensitive metadata about encrypted data, i.e., similar to the way the encrypted file format header holds metadata about a file such as a version, Using a custom URL can be included.

  Although the invention has been illustrated and described in detail in the drawings and foregoing description, such illustration and description are to be considered illustrative and not restrictive and the invention is not limited to the disclosed embodiments. . Other variations to the disclosed embodiments can be understood and executed by those skilled in the art in practicing the claimed invention.

200 systems
202 messages
204 Encryption device
206 Decryption device
208 arrows
2042 processor module
2044 receiver module
2046 transmitter module
2048 display module
20410 User interface
2062 Processor module
2064 receiver module
2066 display module
2068 detector module
20610 Decoder module
20612 Decryption module
452a Third-party messaging software components
452b Third-party messaging software components
454 Third Party Messaging System
702 Third Party Messaging Software Components

Claims (45)

A method performed by a computing device to process a message from another computing device in a communication network, the message including encrypted data and a scheme identifier, the method comprising:
Detecting the execution of a user action on the message;
Activating the program code to provide the message to a decrypted program code associated with the scheme identifier in response to detecting execution of the user action;
Decoding the message using the program code to obtain the encrypted data;
Decrypting the encrypted data via the program code to obtain the decrypted data;
Including a method.   The method of claim 1, further comprising displaying the decrypted data to a user of the computing device.   The method according to claim 1 or 2, wherein the scheme identifier includes a header of the message.   The method according to claim 1, wherein the message further includes at least a domain identifier, a session identifier, and a data field, and the data field includes the encrypted data.   5. Decoding the message to obtain the encrypted data comprises performing the decoding according to a predetermined decoding scheme including a custom URL scheme. The method according to one item.   The method of claim 1, wherein the decoded data comprises text, images, animation, video, or audio.   7. The method of any one of claims 1 to 6, further comprising receiving the message via at least an SMS, MMS, email, instant messaging, or electronic document delivery service.   The method according to claim 1, wherein the user action includes only a single action.   9. A method according to any one of claims 1 to 8, wherein the user action comprises a button click, provision of an audible command, or selection of the message.   10. A method according to any one of the preceding claims, further comprising the step of displaying an indication of the type of user action to be performed. A method performed by a computing device to provide a message having encrypted data to another computing device in a communication network, comprising:
Executing encrypted program code to encrypt data in response to user actions being performed; encoding the encrypted data into the message; and Transmitting to a computing device of
The message includes a scheme identifier to allow the another computing device to launch a decryption program code associated with the scheme identifier for processing the message.
Method.   12. The method of claim 11, wherein the scheme identifier includes a header of the message.   13. A method according to claim 11 or 12, further comprising the step of receiving or generating data to be encrypted.   14. The method according to any one of claims 11 to 13, wherein the message further comprises at least a domain identifier, a session identifier, and a data field, and the encrypted data is provided in the data field.   15. A method according to any one of claims 11 to 14, wherein encoding the encrypted data in the message comprises performing the encoding according to a predetermined encoding scheme including a custom URL scheme. .   16. A method according to any one of claims 11 to 15, further comprising the step of displaying an indication of the type of user action to be performed.   17. A method according to any one of claims 11 to 16, wherein the data comprises text, images, animation, video or audio.   18. A method according to any one of claims 11 to 17, wherein transmitting the message comprises transmitting at least via SMS, MMS, email, instant messaging, or electronic document delivery service.   19. A method according to any one of claims 11 to 18, wherein the user action includes only a single action.   20. A method according to any one of claims 11 to 19, wherein the user action includes a button click, provision of an audible command, or selection of the received data.   21. A method according to any one of claims 11 to 20, further comprising displaying a user interface to allow selection or provision of the data to be encrypted. A method performed by a mobile computing device to process a message from another mobile computing device in a communication network, the message including encrypted data and a scheme identifier;
Detecting the execution of only a single action on the message;
In response to detecting execution of the single action, invoking the program code to provide the message to a decrypted program code associated with the scheme identifier;
Decoding the message using the program code to obtain the encrypted data;
Decrypting the encrypted data via the program code to obtain the decrypted data;
Including a method. A method performed by a mobile computing device to provide a message having encrypted data to another mobile computing device in a communication network comprising:
Executing encrypted program code to encrypt data in response to only a single action being performed; encoding the encrypted data into the message; and the message Transmitting to another mobile computing device,
The message includes a scheme identifier for allowing the another mobile computing device to launch a decryption program code associated with the scheme identifier for processing the message.
Method. A decryption device for processing a message from a computing device in a communication network, wherein the message includes encrypted data and a scheme identifier, the decryption device comprising:
A detector module for detecting execution of a user action on the message;
A processor module for receiving a detection signal from the detector module and for invoking the program code to provide the message to a decoded program code associated with the scheme identifier in response to the detection signal; ,
A decoder module for decoding the message using the program code to obtain the encrypted data;
A decryption module for decrypting the encrypted data via the program code to obtain decrypted data;
A decryption device.   25. The display module of claim 24, further comprising a display module for displaying the decrypted data to a user of the decryption device or for displaying an indication of the type of user action to be performed. device.   26. A device according to claim 24 or 25, wherein the scheme identifier includes a header of the message.   27. The device of any one of claims 24 to 26, wherein the message further includes at least a domain identifier, a session identifier, and a data field, wherein the data field includes the encrypted data.   28. A device according to any one of claims 24 to 27, wherein the decoder module is arranged to decode the message according to a predetermined decoding scheme including a custom URL scheme.   25. The device of claim 24, wherein the decoded data includes text, images, animation, video, or audio.   30. The device of any one of claims 24-29, further comprising a receiver module for receiving the message via at least SMS, MMS, email, instant messaging, or electronic document delivery service.   31. A device according to any one of claims 24 to 30, wherein the user action includes only a single action.   32. A device according to any one of claims 24 to 31, wherein the user action comprises a button click, provision of an audible command, or selection of the message. An encryption device configured to execute encrypted program code to provide a message having encrypted data to a computing device in a communication network, comprising:
Configured to respond to user actions to execute encrypted program code for encrypting data, encoding the encrypted data into the message, and transmitting the message to the computing device. A processor module,
The message includes a scheme identifier to allow the computing device to launch a decryption program code associated with the scheme identifier to process the message.
Encryption device.   34. The device of claim 33, wherein the scheme identifier includes a header of the message.   35. A device according to claim 33 or 34, further comprising a receiver module for receiving data to be encrypted.   36. The device of any one of claims 33 to 35, wherein the message further includes at least a domain identifier, a session identifier, and a data field, and the encrypted data is provided in the data field.   37. A device according to any one of claims 33 to 36, wherein the processor module is arranged to encode the encrypted data according to a predetermined encoding scheme including a custom URL scheme.   38. A device according to any one of claims 33 to 37, further comprising a display module for displaying an indication of the type of user action to be performed.   39. A device according to any one of claims 33 to 38, wherein the data comprises text, images, animation, video or audio.   40. Any of claims 33 to 39, wherein the processor module is configured to transmit the message using a transmitter module via at least an SMS, MMS, email, instant messaging, or electronic document delivery service. A device according to claim 1.   41. A device according to any one of claims 33 to 40, wherein the user action comprises only a single action.   42. A device according to any one of claims 33 to 41, wherein the user action comprises a button click, provision of an audible command, or selection of the received message.   43. A device according to any one of claims 33 to 42, further comprising a user interface module for displaying a user interface for enabling selection or provision of the data to be encrypted. A method for exchanging messages between computing devices in a communication network, wherein the messages have encrypted data and a scheme identifier, the method comprising:
Executing encrypted program code for encrypting data in response to a first user action being performed on the first computing device; and encrypting the data in the message Encoding the message to the second computing device by the first computing device; and
Detecting execution of a second user action on the second computing device with respect to the message;
Activating the decryption program code by the second computing device to provide the message to the decryption program code associated with the scheme identifier in response to detecting execution of the second user action. When,
Decoding the message using the decryption program code by the second computing device to obtain the encrypted data;
Decrypting the encrypted data by the second computing device via the decryption program code to obtain decrypted data;
Including a method. A system for exchanging messages between computing devices in a communication network, wherein the messages have encrypted data and scheme identifiers, the system comprising:
In a first user action to execute encrypted program code for encrypting data, encoding the encrypted data into the message, and transmitting the message to a second computing device. A first computing device comprising a processor module configured to respond; and
A detector module for detecting execution of a second user action on the message;
A processor module for receiving a detection signal from the detector module and activating the decoding program code to provide the message to a decoding program code associated with the scheme identifier in response to the detection signal When,
A decoder module for decoding the message using the program code to obtain the encrypted data;
A decryption module for decrypting the encrypted data via the decryption program code to obtain decrypted data;
A second computing device comprising:
A system comprising: